ExamTopics Logo
Mail Us[email protected]
Menu
Redhat Discussions
exam questions

Exam EX200 All Questions

View all questions & answers for the EX200 exam
Go to Exam

Exam EX200 topic 1 question 63 discussion

Actual exam question from RedHat's EX200
Question #: 63
Topic #: 1
[All EX200 Questions]

SIMULATION -
You are a System administrator. Using Log files very easy to monitor the system. Now there are 50 servers running as Mail, Web, Proxy, DNS services etc. You want to centralize the logs from all servers into on LOG Server. How will you configure the LOG Server to accept logs from remote host?

Show Suggested Answer Hide Answer
Suggested Answer: See explanation below.
By default, system accept the logs only generated from local host. To accept the Log from other host configure: vi /etc/sysconfig/syslog SYSLOGD_OPTIONS="-m 0 -r"

Where -
-m 0 disables 'MARK' messages.
-r enables logging from remote machines
-x disables DNS lookups on messages received with -r
service syslog restart
by Moram at Sept. 16, 2020, 1:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ANI_04
Highly Voted 3 years, 1 month ago
$ vim /etc/rsyslog.conf # uncomment the lines containing (load = "imudp" ) (type = "imudp" port="514) (load = "imtcp" ) (type = "imtcp" port="514) $ firewall-cmd --add-port=514/tcp --permanent # restart firewall and rsyslog service
upvoted 5 times
ly01
4 months, 3 weeks ago
You forgot the UDP port: sudo vim /etc/rsyslog.conf -> uncomment imudp and imtcp portions sudo systemctl restart rsyslog.service sudo ss -tulnp | grep 514 sudo firewall-cmd --add-port=514/tcp --permanent sudo firewall-cmd --add-port=514/udp --permanent sudo firewall-cmd --reload
upvoted 1 times
...
gaven186
5 months ago
should we need to add port for 514 udp too?
upvoted 1 times
...
...
KimoHasNoBalls
Most Recent 2 years, 3 months ago
i would follow this: https://www.linuxtechi.com/configure-rsyslog-server-centos-8-rhel-8/
upvoted 1 times
...
badguy001djh
3 years, 4 months ago
In redhat 8.2, uncomment two lines contained "imtcp" in /etc/rsyslog.conf. Then restart rsyslogd service.Don't forget open port 514/tcp on firewall.
upvoted 3 times
STFN2019
3 years, 2 months ago
So you would: vi /etc/rsyslog.conf /imtcp – to search the string in question Uncomment 2 lines starting with ‘module’ and ‘input’ systemctl restart rsyslog systemctl status rsyslog (Ensure rsyslog restarted correctly) firewall-cmd --add-port=514/tcp –permanent (Add the port in question and make it permanent) firewall-cmd –reload (Reload the config to ensure changes are still in place) firewall-cmd --list-all (Verify the config)
upvoted 5 times
...
...
Ares23
3 years, 6 months ago
from 7 rsyslog replace syslog
upvoted 2 times
...
hyde666
3 years, 10 months ago
i think u can typing ls first if u not sure
upvoted 1 times
...
tahirmirza
4 years ago
so what exactly are we typing here. which part from the explanation to whrere /etc/sysconfig/rsyslog or etc/sysconfig/syslog ???
upvoted 1 times
...
Moram
4 years, 2 months ago
The file is locate at: vim /etc/sysconfig/rsyslog
upvoted 2 times
STFN2019
3 years, 2 months ago
Syslogd options are deprecated since rsyslog v3.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel